New Adware - Virus Found - Download ByteSecurity Antivirus

Do not use any third party antivirus apps on your Mac. They are not needed and may cause problems. Search these communities to find the thousands of posts where these apps have caused issues.

Read this helpful tip:

Effective defenses against malware and other threats

I, too, have received the ad. I did not download it, of course, as Apple would NEVER approach like this. There is a site

bytesecurity.*** in Dallas but don't know if it is the same identity as on this pop-up window. I'll try to look at my CISCO Umbrella / OpenDNS data and see where this came from. Malwarebytes did NOT find anything on my Macpro 2013, but, again, I did not download it. I also can't close the window, yet.

bytesecurity.***/infosec/

Thanks for the heads up! Yes, ByteSecurity AV seems to be one of the newer AV softwares resorting to underhanded tactics to get you to download their unnecessary product. I see them featured on MacUpdate site, another good place to stay away from. Also know that no one, not even Apple is capable of scanning your Mac for anything without your allowing the use of a program to do so.

ByteSecurity is a fraudulent, fake anti-virus app, and it is promoted by at least one fake security app (Firewall CyberGuard) that I know of, that displays a fake virus warning window similar to the one in your first image. This behavior is bad enough that I'd classify this as malware.

I suspect there are other apps promoting this software, so I'm curious what Malwarebytes Anti-Malware for Mac removed. There isn't anything else associated with this particular malware that I'm aware of that Malwarebytes will detect, yet your "virus warning" looks different from the one that Firewall CyberGuard will display.

Would you be willing to post a system snapshot taken with Malwarebytes Anti-Malware for Mac? To do so, open Malwarebytes Anti-Malware and choose Take System Snapshot from the Scanner menu. Then, in the window that opens, select all the text (Edit → Select All), copy it and paste into a reply to this message.

Alternately, if you'd prefer not to post that information publicly, choose Contact Support from the Help menu within Malwarebytes Anti-Malware instead, and mention this discussion in the description of the problem in the message you send to support. I'll be able to see it.

Well done for taking the trouble to broadcast your findings. Of course, it is a scam, and fortunately you knew it too.

Pleased to also see the phrasing of the header. It is a help to anyone who receives similar and goes on to research it.

Unless that is a pop-up in your web browser - which it doesn't look like it is - it's being displayed by something on your computer. If you don't have the fraudulent Firewall CyberGuard app installed, then there must be something new that is displaying this pop-up. In that case, please open Malwarebytes and choose Contact Support from the Help menu, and mention my name (Thomas Reed) and this discussion. I'd like to take a look and see if we can identify what that is.

Doing it now. I agree that this 'pop-up' window is unusual, as, it is not related to a browser, etc. Malwarebytes does not detect it. So, I"ve got an email in to them and will post a followup. Thank you.

Patrick

MacOvation ACN Member

I've already raised concern with this product on Cnet and Download.com with what limited ability you can do it and directed anyone with questions to come to these forums with questions on the legitimacy of this particular software and it's sales tactics.

Bob is 100% correct. Every major Windows "Credible" AV developer has stated this is a terrible idea.

https://www.kaspersky.com/blog/multiple-antivirus-programs-bad-idea/2670/

https://support.symantec.com/en_US/article.TECH104806.html

Even Microsoft, makers of the official breading grounds of all dangerous and malicious software recommends you don't do this.

https://blogs.microsoft.com/microsoftsecure/2014/08/05/can-i-run-more-than-one-a ntivirus-program/

Thank you. What I actually did, was, use differing apps to check differing areas of my computer and peripherals. At different times.

I do see the point here and it is well taken.

Some have recommended Kapersky, but, reviews on the Apple Store are dismal.

In the day (90's) I used Norton Utilities but it went sour and I'm cautious to try it again.

No AV software is necessary or recommended for Mac OS. There are no viruses that affect Mac OS, so they are selling a cure for a disease that does not exist. At best they will use unnecessary resources and may conflict with Mac's own built-in malware protection. At worst they will completely bork your system.

The best course of action is to rely on Mac's built-in protection and use your own common sense when browsing.

If you should get malware, use MalwareBytes to remove it.

Please don't. This thread has had a hard time but once and for all, you truly do not need anti-virus aids. What I would recommend to you is to run Etre check and allow us to help determine what you have that is best out of the way.

https://etrecheck.com/

I also suggest you start a new thread for yourself otherwise this one will become overloaded.

the forums here can attest repeatedly that all Anti-Virus products for OS X are involved in some sort of trouble causing the the OS that far outweighs any claims they like to make about their need on Mac. If you are using your Mac as a "gate keeper" to filter Windows attacks on your network your Windows AV solutions have had a magnitude more of development time, feedback and cooperation than all the Mac AV offerings combined - any many times over. Use Windows AV to defend Windows, don't harm your Mac in an attempt to help.

For those following along, I privately sent pcarrington the following python script to run:

#!/usr/bin/env python

import time

from Quartz import CGWindowListCopyWindowInfo, kCGWindowListExcludeDesktopElements, kCGNullWindowID

from Foundation import NSSet, NSMutableSet

wl1 = CGWindowListCopyWindowInfo(kCGWindowListExcludeDesktopElements, kCGNullWindowID)

print 'Move target window'

time.sleep(5)

wl2 = CGWindowListCopyWindowInfo(kCGWindowListExcludeDesktopElements, kCGNullWindowID)

w = NSMutableSet.setWithArray_(wl1)

w.minusSet_(NSSet.setWithArray_(wl2))

print '\nList of windows that moved:'

print w

print '\n'

What this does is help you identify any windows that moved during the 5 seconds that the script runs... so when you see an unfamiliar window with no clear owner, you can run this, move the window, and then the script will spit out info showing who owns the window (among many other things).

Of course, using the script relies on the window popping back up again, which it sounds like it hasn't done... 😝

This forum regularly recommends Malwarebytes, how did you look (the creator of Malwarebytes is a regular poster here) there are plenty of posts to choose from, and even Apple themselves recommend it.